package org.tis.tools.auth.config.oauth;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.tis.tools.auth.security.ToolsUserDetailsService;

/**
 * describe: 认证服务web配置
 *
 * 用于保护oauth相关的endpoints，同时主要作用于用户的登录(form login,Basic auth)
 *
 * @author zhaoch
 * @date 2018/8/19
 **/
@Configuration
@EnableWebSecurity
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {

    @Autowired
    private ToolsUserDetailsService toolsUserDetailsService;


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(toolsUserDetailsService);
    }

//    /**
//     * 在WebSecurityConfigurerAdapter不拦截oauth要开放的资源
//     * @param http
//     * @throws Exception
//     */
//    @Override
//    public void configure(HttpSecurity http) throws Exception {
//        http
//                .csrf().disable()
//                .requestMatchers().antMatchers("/oauth/**", "/login")
//                .and()
//                .authorizeRequests()
//                .antMatchers("/oauth/**").authenticated()
//                .antMatchers("/login").permitAll();
//                .and()
//                .formLogin()
//                .loginProcessingUrl("/login")
//                .failureHandler(new AuthFailHandler()).permitAll();
//    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }


}
